Commit Graph

18 Commits

Author SHA1 Message Date
Alexander Hughes 14f8600e37 Add profiles to passphrase catalog
Change-Id: Id6e7cddd123e31f0df963167ddf3fa8f33e9060c
2019-09-24 16:19:36 +00:00
Alexander Noskov 4f6df0b9fd Fix small typo
Change-Id: Ie478b742e6752d9ae6f9d3882ba01ef613524a31
2019-08-15 14:11:37 -05:00
HUGHES, ALEXANDER (ah8742) 174e356214 Update Passphrase Catalog to support types
I recently received a request to add additional features to Pegleg's
generate passphrases command.  The desire was to support multiple
types of secrets:
1. passphrases (24+ characters, including characters from upper,
   lower, number, symbol).
2. base64 encoded passphrases.
3. UUID4.

As well as adding an additional flag to prevent Pegleg from
regenerating specific passphrases that are sensitive to rotation.

Finally, responding to an enhancement request, interactive
passphrase generation can now be specified via the command line for
all passphrases, or by specifying 'prompt': True for specific
passphrases in passphrase-catalog.yaml.

These objectives were completed by:
1. Updating passphrase_catalog.py to support a type field. If a
   type is not specified, default to existing passphrase generation.
   If an invalid value is specified, raise an exception.
2. Updating passphrase_catalog.py to support a regenerable field. If
   the regenerable field is not specified, default to True. If an
   invalid value is specified, raise an exception. When regenerable
   is determined, secrets of 'uuid' type always use regenerable=False
   as they should be one time values created at time of deployment
   but not rotated.
3. Updating passphrase_catalog.py to support a prompt field. If the
   prompt field is not specified, default to False. If an invalid
   value is specified, raise an exception.
4. Adding appropriate exceptions.
5. Updating passphrase_generator.py to handle the new type checks,
   UUID will use UUID4, base64 uses the existing logic of generating
   a random passphrase and base64 encoding it, and existing logic
   remains for generating a random passphrase.
6. Updating passphrase_generator.py to handle the regenerable field.
   It checks if a file is present at the expected save path, and if
   regenerable=False. If both are true, the passphrase is skipped so
   the passphrase is not overwritten.
7. Updating unit tests to validate the new type checks.

NOTE: # nosec is used in passphrase_generator.py on the
'if passphrase_type == <special type>' statements. These are not a
security concern, but do cause Bandit error B105. See documentation
for B105 in [0].

Local testing of the generate passphrase command with the following
passphrase types:
passphrase_b64 : base64
passphrase_uuid : uuid
passphrase_specified : passphrase (specified)
passphrase_defaulted : passphrase (defaulted)

Resulted in the following data for each:
passphrase_b64.yaml:data: !!binary |
  UDI1SGFFZHFlbWhITjBrdGJHZGFWRkp6UlZWdFdVNUQ=
passphrase_uuid.yaml:data: 5ce7c6bc-00d2-4b2c-9222-54891f075656
passphrase_specified.yaml:data: cYTenMYXFHUKn6ppYjx#+Hdx
passphrase_defaulted.yaml:data: 13ryjaM?I@sP#3&YQXuQEik4

[0] https://bandit.readthedocs.io/en/latest/plugins/b105_hardcoded_password_string.html

Change-Id: I389316c5194ffa06f3df5114f7ac5f4f2887b319
2019-08-02 07:30:51 -05:00
Alexander Hughes 1c8d92ef6b Standardize Pegleg code with YAPF
This patch addresses inconsistent code style and enforces it with a
gate for future submissions.

Separate work will be done in the future to address several of the
PEP8 ignores for docstrings, and attempt to bring the tests directory
to PEP8 compliance.

This patch:
1. Updates .style.yapf to set the knobs desired for YAPF.
2. Updates tox.ini to allow one of the knobs to work.
3. Removes unused code from several __init__.py files.
4. Updates the YAPF version in test-requirements.txt to latest (this
   is needed for several knobs to work).
5. Stylistic changes to the python codebase in Pegleg.
6. Updates to tox.ini to run YAPF during PEP8 check.

Change-Id: Ieaa0fdef2b601d01c875d64b840986e54df73abf
2019-07-25 17:28:18 +00:00
Matt McEuen 5d5a27a237 Align git exception messages
There were some inconsistencies around whether the string parameter passed
into Git exceptions is called repo_path or repo_url, causing the
exception detail to occasionally not get rendered. This change
standardizes on repo_url.

Change-Id: Ibc78b33cc0e1fcd67820954b715f480a5b1f6496
2019-07-10 14:47:28 -05:00
HUGHES, ALEXANDER (ah8742) d888b3e138 Add support for globally encrypted secrets
This patchset adds support for globally encrypted secrets.
Documents with a "site" layer will be encrypted/decrypted with the
standard PEGLEG_PASSPHRASE and PEGLEG_SALT environment variables.

If any secrets exist for the site with a schema of "global_passphrase"
or "global_salt", their values will be captured and used to decrypt
any secrets that do not belong to the "site" layer. If the global keys
do not exist, Pegleg will default to using site keys.

Expected usage:
1. Set site passphrase/salt environment variables
2. Select a global passphrase and salt
3. Use Pegleg's "wrap" command to wrap and encrypt the global keys
4. Encrypt or wrap documents with "global" layer
5. Provide Pegleg path to decrypt

In the case of (4) and (5), Pegleg will determine the correct keys
to use automatically.

Change-Id: I5de6d63573619b346fe011628ae21e053e0711f6
2019-07-02 13:54:04 -05:00
Lev Morgan b8733ea7ec Make -u required in CLI when required by repo
This patch detects when a repository URL requires username substitution
and raises an exception when no username was specified.

Change-Id: Ia60982ecddd957cff8709118b3eb8a905258dd06
2019-05-15 18:38:38 +00:00
Alexander Hughes c788621486 Allow buffer mode to be configured for upload
Shipyard helper's upload documents method supports two default modes
of buffer: None, and append. We want to allow the user to dictate
which mode is used to support the other methods Shipyard itself has.

To accomplish this we add a new command line argument, a new variable,
and leave existing behavior intact via the new default 'auto' mode.

Change-Id: I7a252efa7fe7a766152c42d9398c3290d7e52a13
2019-04-29 12:43:55 -05:00
Alexander Hughes 7c52ab68da PKI Cert generation and check updates
This patch:
1. Allows user to change valid duration of newly generated certs
   (default=1yr)
2. Allows user to check certs that are expiring soon (default=60d)

Change-Id: Ia5c87a0c52b39b778f425599fa215fb67147c65b
2019-04-08 07:48:32 -05:00
Lev Morgan f938029b36 Revised exception for missing passphrase catalog
The exception raised on attempting to generate passphrases without a
passphrase catalog has been revised from a
PassphraseSchemaNotFoundException to a
PassphraseCatalogNotFoundException.

Change-Id: Ifbb2903638ffffe5008db52adb6f874bcfa25a99
2019-04-03 16:27:28 -05:00
Alexander Hughes fce12add18 Set salt when generating genesis bundle
This patch:
1. Sets the salt in config when running genesis bundle
2. Updates the genesis bundle CLI method
3. Adds exception types for credentials
4. Updates unit tests to be compliant with new exceptions

Change-Id: I8869f897e2c25b98c30eaa6be52356aae4ac63b6
2019-03-14 15:45:53 -05:00
Ahmad Mahmoudi c4f25b4d4f CLI: Add command to generate genesis bundle
Added a pegleg cli command to build genesis.sh bundle for
a site deployment.
Pegleg imports promenade engine, and uses promenade to build
and encrypt the genesis.sh deployment bundle.

Change-Id: I1a489459b2c56b7b53018c32aab5e6550c69e1d2
2019-03-07 03:00:30 -06:00
pallav b79d5b7a98 CLI capability to generate and encrypt passphrases
1. Adds the passphrases generation capability in Pegleg CLI,
so that pegleg can generate random passwords based on a
specification declared in pegleg/PassphrasesCatalog documents.
2. Pegleg also wraps the generated passphrase documents in
pegleg managed documents, and encrypts the data.
3. Adds unit test cases for passphrase generation.
4. Updates pegleg CLI document.

Change-Id: I21d7668788cc24a8e0cc9cb0fb11df97600d0090
2019-01-29 16:24:31 -06:00
Felipe Monteiro 2a8d2638b3 pki: Port Promenade's PKI catalog into Pegleg
This patch set implements the PKICatalog [0] requirements
as well as PeglegManagedDocument [1] generation requirements
outlined in the spec [2].

Included in this patch set:

* New CLI entry point called "pegleg site secrets generate-pki"
* PeglegManagedDocument generation logic in
  engine.cache.managed_document
* Refactored PKICatalog logic in engine.cache.pki_catalog derived
  from the Promenade PKI implementation [3], responsible for
  generating certificates, CAs, and keypairs
* Refactored PKIGenerator logic in engine.cache.pki_generator
  derived from Promenade Generator implementation [4],
  responsible for reading in pegleg/PKICatalog/v1 documents (as
  well as promenade/PKICatalog/v1 documents for backwards
  compatibility) and generating required secrets and storing
  them into the paths specified under [0]
* Unit tests for all of the above [5]
* Example pki-catalog.yaml document under pegleg/site_yamls
* Validation schema for pki-catalog.yaml (TODO: implement
  validation logic here: [6])
* Updates to CLI documentation and inclusion of PKICatalog
  and PeglegManagedDocument documentation
* Documentation updates with PKI information [7]

TODO (in follow-up patch sets):

* Expand on overview documentation to include new Pegleg
  responsibilities
* Allow the original repository (not the copied one) to
  be the destination where the secrets are written to
* Finish up cert expiry/revocation logic

[0] https://airship-specs.readthedocs.io/en/latest/specs/approved/pegleg-secrets.html#document-generation
[1] https://airship-specs.readthedocs.io/en/latest/specs/approved/pegleg-secrets.html#peglegmanageddocument
[2] https://airship-specs.readthedocs.io/en/latest/specs/approved/pegleg-secrets.html
[3] https://github.com/openstack/airship-promenade/blob/master/promenade/pki.py
[4] https://github.com/openstack/airship-promenade/blob/master/promenade/generator.py
[5] https://review.openstack.org/#/c/611739/
[6] https://review.openstack.org/#/c/608159/
[7] https://review.openstack.org/#/c/611738/

Change-Id: I3010d04cac6d22c656d144f0dafeaa5e19a13068
2019-01-15 13:29:21 -06:00
Felipe Monteiro 40da373023 tests: Increase test coverage for lint checks
This patch set expands on the unit test coverage for lint checks
in test_selectable_linting which only covers a small subset of
the lint checks handled by Pegleg. This logic should be properly
tested as linting is fundamental to Pegleg functionality.

Change-Id: I6a59295982abd22bba8036827cefd4186b68e2fb
2019-01-01 19:17:11 +00:00
Tin Lam ae81ade94d Refactor Pegleg exceptions
This patch set cleans up the current implementation of pegleg, as
all the git exceptions inconsistently init or override the message.
This also cleans up a handful of incorrect kwarg keywords, and improves
handling of the exception messages.

Change-Id: I438eb032728c71cbf972c2120a76d06106cb1580
Signed-off-by: Tin Lam <tin@irrational.io>
2018-11-13 08:58:54 -06:00
Felipe Monteiro 2e51779d57 refactor: Exchange NotADirectoryError for better exception
This patch set replaces raising NotADirectoryError after trying
to parse a repository for its root path (normalize_repo_path in
pegleg.engine.util.git) with a better exception
(exceptions.GitInvalidRepoException). It is better because a
folder can still not be a repo, so raising the first exception
isn't apropos.

Next, this patch set changes where the exception is raised --
which is in normalize_repo_path itself, which is more appropriate
as the function is used in many places and so there should be
intrinsic error handling so as to avoid having to wrap it every
time.

Change-Id: I918d8c293f1140eb80c83499dba2c23af232b79e
2018-10-26 10:37:17 -04:00
Felipe Monteiro 893ea9f4bb Standardize Pegleg directory structure
This patch set standardizes the Pegleg directory
structure because of the following reasons:

1) src/bin/pegleg is not necessary and only makes
building (e.g. documentation building) and running
of tox targets unnecessarily difficult.
2) src/bin/pegleg is a Java-like standard that
bears no relevance to Python.

Change-Id: I37d39d3d6186b92f8fbfe234221c9e44da48cf10
2018-09-23 10:33:40 -04:00